Merge pull request #13815 from mkllnk/secrets

Replace deprecated Rails secrets with credentials
2026-01-11 18:26:50 +00:00 · 2026-01-08 18:46:33 +00:00
parent 0cd9fa91a8 e91fab5702
commit c73f28b434
5 changed files with 4 additions and 10 deletions
--- a/app/controllers/admin/stripe_accounts_controller.rb
+++ b/app/controllers/admin/stripe_accounts_controller.rb
@@ -6,7 +6,7 @@ module Admin
  class StripeAccountsController < Spree::Admin::BaseController
    def connect
      payload = params.permit(:enterprise_id).to_h
-      key = Openfoodnetwork::Application.config.secret_token
+      key = Rails.application.secret_key_base
      url_params = { state: JWT.encode(payload, key, 'HS256'), scope: "read_write" }
      redirect_to Stripe::OAuth.authorize_url(url_params)
    end
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -74,9 +74,6 @@ Rails.application.configure do
    allowed_warnings = [
      # List strings here to allow matching deprecations.
      #
-      # `Rails.application.secrets` is deprecated in favor of `Rails.application.credentials` and will be removed in Rails 7.2
-      "Rails.application.secrets",
-
      "Passing the class as positional argument",

      # Spree::CreditCard model aliases `cc_type` and has a method called `cc_type=` defined. Starting in Rails 7.2 `brand=` will not be calling `cc_type=` anymore. You may want to additionally define `brand=` to preserve the current behavior.
--- a/config/initializers/secret_token.rb
+++ b/config/initializers/secret_token.rb
@@ -6,7 +6,4 @@
 # no regular words or you'll be exposed to dictionary attacks.

 # Rails 4+ key for signing and encrypting cookies.
-Openfoodnetwork::Application.config.secret_key_base = ENV["SECRET_TOKEN"]
-
-# Legacy secret_token variable. This is still used directly for encryption.
-Openfoodnetwork::Application.config.secret_token = ENV["SECRET_TOKEN"]
+Openfoodnetwork::Application.credentials.secret_key_base = ENV["SECRET_TOKEN"]
--- a/lib/stripe/account_connector.rb
+++ b/lib/stripe/account_connector.rb
@@ -41,7 +41,7 @@ module Stripe

    def state
      # Returns the original payload
-      key = Openfoodnetwork::Application.config.secret_token
+      key = Rails.application.secret_key_base
      JWT.decode(params["state"], key, true, algorithm: 'HS256')[0]
    end

--- a/spec/lib/stripe/account_connector_spec.rb
+++ b/spec/lib/stripe/account_connector_spec.rb
@@ -10,7 +10,7 @@ module Stripe
      let(:user) { create(:user) }
      let(:enterprise) { create(:enterprise) }
      let(:payload) { { "junk" => "Ssfs" } }
-      let(:state) { JWT.encode(payload, Openfoodnetwork::Application.config.secret_token) }
+      let(:state) { JWT.encode(payload, Rails.application.secret_key_base) }
      let(:params) { { "state" => state } }
      let(:connector) { AccountConnector.new(user, params) }